AN-TGT-001 Target Developer

Performs highly-specialized review and evaluation of incoming cybersecurity information to determine its usefulness for intelligence.

Applies current knowledge of one or more regions, countries, non-state entities, and/or technologies.

Performs target system analysis, builds and/or maintains electronic target folders to include inputs from environment preparation, and/or internal or external intelligence sources. Coordinates with partner target activities and intelligence organizations, and presents candidate targets for vetting and validation.

Knowledges 66

Code Description Work Roles
K0001 Knowledge of computer networking concepts and protocols, and network security methodologies. 52
K0002 Knowledge of risk management processes (e.g., methods for assessing and mitigating risk). 52
K0003 Knowledge of laws, regulations, policies, and ethics as they relate to cybersecurity and privacy. 52
K0004 Knowledge of cybersecurity and privacy principles. 52
K0005 Knowledge of cyber threats and vulnerabilities. 52
K0006 Knowledge of specific operational impacts of cybersecurity lapses. 52
K0036 Knowledge of human-computer interaction principles. 12
K0058 Knowledge of network traffic analysis methods. 10
K0108 Knowledge of concepts, terminology, and operations of a wide range of communications media (computer and telephone networks, satellite, fiber, wireless). 11
K0109 Knowledge of physical computer components and architectures, including the functions of various components and peripherals (e.g., CPUs, Network Interface Cards, data storage). 15
K0142 Knowledge of collection management processes, capabilities, and limitations. 4
K0177 Knowledge of cyber attack stages (e.g., reconnaissance, scanning, enumeration, gaining access, escalation of privileges, maintaining access, network exploitation, covering tracks). 12
K0349 Knowledge of website types, administration, functions, and content management system (CMS). 8
K0351 Knowledge of applicable statutes, laws, regulations and policies governing cyber targeting and exploitation. 3
K0357 WITHDRAWN: Knowledge of analytical constructs and their use in assessing the operational environment. (See K0224) 2
K0362 Knowledge of attack methods and techniques (DDoS, brute force, spoofing, etc.). 9
K0379 Knowledge of client organizations, including information needs, objectives, structure, capabilities, etc. 7
K0381 Knowledge of collateral damage and estimating impact(s). 1
K0392 Knowledge of common computer/network infections (virus, Trojan, etc.) and methods of infection (ports, attachments, etc.). 9
K0395 Knowledge of computer networking fundamentals (i.e., basic computer components of a network, types of networks, etc.). 10
K0402 Knowledge of criticality and vulnerability factors (e.g., value, recuperation, cushion, countermeasures) for target selection and applicability to the cyber domain. 1
K0409 Knowledge of cyber intelligence/information collection capabilities and repositories. 4
K0413 Knowledge of cyber operation objectives, policies, and legalities. 3
K0417 Knowledge of data communications terminology (e.g., networking protocols, Ethernet, IP, encryption, optical devices, removable media). 10
K0426 Knowledge of dynamic and deliberate targeting. 1
K0427 Knowledge of encryption algorithms and cyber capabilities/tools (e.g., SSL, PGP). 8
K0431 Knowledge of evolving/emerging communications technologies. 11
K0436 Knowledge of fundamental cyber operations concepts, terminology/lexicon (i.e., environment preparation, cyber-attack, cyber defense), principles, capabilities, limitations, and effects. 8
K0437 Knowledge of general Supervisory control and data acquisition (SCADA) system components. 4
K0439 Knowledge of governing authorities for targeting. 2
K0440 Knowledge of host-based security products and how those products affect exploitation and reduce vulnerability. 8
K0444 Knowledge of how Internet applications work (SMTP email, web-based email, chat clients, VOIP). 11
K0445 Knowledge of how modern digital and telephony networks impact cyber operations. 9
K0446 Knowledge of how modern wireless communications systems impact cyber operations. 8
K0449 Knowledge of how to extract, analyze, and use metadata. 7
K0457 Knowledge of intelligence confidence levels. 3
K0458 Knowledge of intelligence disciplines. 3
K0460 Knowledge of intelligence preparation of the environment and similar processes. 5
K0461 Knowledge of intelligence production processes. 1
K0464 Knowledge of intelligence support to planning, execution, and assessment. 6
K0465 Knowledge of internal and external partner cyber operations capabilities and tools. 6
K0466 Knowledge of internal and external partner intelligence processes and the development of information requirements and essential information. 1
K0471 Knowledge of Internet network addressing (IP addresses, classless inter-domain routing, TCP/UDP port numbering). 9
K0473 Knowledge of intrusion sets. 3
K0478 Knowledge of legal considerations in targeting. 1
K0479 Knowledge of malware analysis and characteristics. 2
K0497 Knowledge of operational effectiveness assessment. 2
K0499 Knowledge of operations security. 8
K0507 Knowledge of organization or partner exploitation of digital networks. 6
K0516 Knowledge of physical and logical network devices and infrastructure to include hubs, switches, routers, firewalls, etc. 10
K0533 Knowledge of specific target identifiers, and their usage. 2
K0542 Knowledge of target development (i.e., concepts, roles, responsibilities, products, etc.). 2
K0543 Knowledge of target estimated repair and recuperation times. 1
K0546 Knowledge of target list development (i.e. Restricted, Joint, Candidate, etc.). 1
K0547 Knowledge of target methods and procedures. 2
K0549 Knowledge of target vetting and validation procedures. 3
K0551 Knowledge of targeting cycles. 3
K0555 Knowledge of TCP/IP networking protocols. 1
K0556 Knowledge of telecommunications fundamentals. 6
K0560 Knowledge of the basic structure, architecture, and design of modern communication networks. 10
K0561 Knowledge of the basics of network security (e.g., encryption, firewalls, authentication, honey pots, perimeter protection). 8
K0565 Knowledge of the common networking and routing protocols (e.g. TCP/IP), services (e.g., web, mail, DNS), and how they interact to provide network communications. 11
K0598 Knowledge of the structure and intent of organization specific plans, guidance and authorizations. 6
K0603 Knowledge of the ways in which targets or threats use the Internet. 6
K0604 Knowledge of threat and/or target systems. 4
K0614 Knowledge of wireless technologies (e.g., cellular, satellite, GSM) to include the basic structure, architecture, and design of modern wireless communications systems. 7

Skills 28

Code Description Work Roles
S0187 Skill in applying various analytical methods, tools, and techniques (e.g., competing hypotheses; chain of reasoning; scenario methods; denial and deception detection; high impact-low probability; network/association or link analysis; Bayesian, Delphi, and Pattern analyses). 3
S0189 Skill in assessing and/or estimating effects generated during and after cyber operations. 3
S0194 Skill in conducting non-attributable research. 5
S0196 Skill in conducting research using deep web. 3
S0203 Skill in defining and characterizing all pertinent aspects of the operational environment. 6
S0205 Skill in determining appropriate targeting options through the evaluation of available capabilities against desired effects. 2
S0208 Skill in determining the physical location of network devices. 2
S0216 Skill in evaluating available capabilities against desired effects to provide effective courses of action. 2
S0218 Skill in evaluating information for reliability, validity, and relevance. 8
S0222 Skill in fusion analysis 2
S0227 Skill in identifying alternative analytical interpretations to minimize unanticipated outcomes. 4
S0228 Skill in identifying critical target elements, to include critical target elements for the cyber domain. 4
S0229 Skill in identifying cyber threats which may jeopardize organization and/or partner interests. 5
S0248 Skill in performing target system analysis. 3
S0249 Skill in preparing and presenting briefings. 8
S0256 Skill in providing understanding of target or threat systems through the identification and link analysis of physical, functional, or behavioral relationships. 5
S0274 Skill in reviewing and editing target materials. 2
S0278 Skill in tailoring analysis to the necessary levels (e.g., classification and organizational). 6
S0285 Skill in using Boolean operators to construct simple and complex queries. 4
S0287 Skill in using geospatial data and applying geospatial resources. 2
S0288 Skill in using multiple analytic tools, databases, and techniques (e.g., Analyst’s Notebook, A-Space, Anchory, M3, divergent/convergent thinking, link charts, matrices, etc.). 4
S0289 Skill in using multiple search engines (e.g., Google, Yahoo, LexisNexis, DataStar) and tools in conducting open-source searches. 4
S0292 Skill in using targeting databases and software packages. 2
S0296 Skill in utilizing feedback to improve processes, products, and services. 9
S0297 Skill in utilizing virtual collaborative workspaces and/or tools (e.g., IWS, VTCs, chat rooms, SharePoint). 7
S0302 Skill in writing effectiveness reports. 1
S0360 Skill to analyze and assess internal and external partner cyber operations capabilities and tools. 6
S0361 Skill to analyze and assess internal and external partner intelligence processes and the development of information requirements and essential information. 1

Abilities 14

Code Description Work Roles
A0013 Ability to communicate complex information, concepts, or ideas in a confident and well-organized manner through verbal, written, and/or visual means. 14
A0066 Ability to accurately and completely source all data used in intelligence, assessment and/or planning products. 12
A0080 Ability to develop or recommend analytic approaches or solutions to problems and situations for which information is incomplete or for which no precedent exists. 6
A0084 Ability to evaluate, analyze, and synthesize large quantities of data (which may be fragmented and contradictory) into high quality, fused targeting/intelligence products. 7
A0087 Ability to focus research efforts to meet the customer’s decision-making needs. 6
A0088 Ability to function effectively in a dynamic, fast-paced environment. 7
A0089 Ability to function in a collaborative environment, seeking continuous consultation with other analysts and experts—both internal and external to the organization—to leverage analytical and technical expertise. 13
A0091 Ability to identify intelligence gaps. 6
A0101 Ability to recognize and mitigate cognitive biases which may affect analysis. 6
A0102 Ability to recognize and mitigate deception in reporting and analysis. 5
A0106 Ability to think critically. 9
A0109 Ability to utilize multiple intelligence sources across all intelligence disciplines. 6
A0085 Ability to exercise judgment when policies are not well-defined. 9
A0073 Ability to clearly articulate intelligence requirements into well-formulated research questions and requests for information. 2

Tasks 35

Code Description Work Roles
T0561 Accurately characterize targets. 1
T0582 Provide expertise to course of action development. 5
T0588 Provide expertise to the development of measures of effectiveness and measures of performance. 2
T0594 Build and maintain electronic target folders. 1
T0597 Collaborate with intelligence analysts/targeting organizations involved in related areas. 4
T0599 Collaborate with other customer, Intelligence and targeting organizations involved in related cyber areas. 2
T0661 Develop measures of effectiveness and measures of performance. 2
T0617 Conduct nodal analysis. 5
T0624 Conduct target research and analysis. 3
T0633 Coordinate target vetting with appropriate partners. 1
T0642 Maintain awareness of internal and external cyber organization structures, strengths, and employments of staffing and technology. 2
T0650 Determine what technologies are used by a given target. 3
T0652 Develop all-source intelligence targeting materials. 1
T0663 Develop munitions effectiveness assessment or operational assessment materials. 2
T0684 Estimate operational effects generated through cyber activities. 2
T0688 Evaluate available capabilities against desired effects to recommend efficient solutions. 1
T0707 Generate requests for information. 5
T0710 Identify and evaluate threat critical capabilities, requirements, and vulnerabilities. 3
T0717 Identify critical target elements. 1
T0731 Initiate requests to guide tasking and assist with collection management. 1
T0744 Maintain target lists (i.e., RTL, JTL, CTL, etc.). 1
T0769 Perform targeting automation activities. 1
T0770 Characterize websites. 1
T0776 Produce target system analysis products. 1
T0781 Provide aim point and reengagement recommendations. 1
T0782 Provide analyses and support for effectiveness assessment. 3
T0790 Provide input for targeting effectiveness assessments for leadership acceptance. 1
T0794 Provide operations and reengagement recommendations. 1
T0797 Provide target recommendations which meet leadership objectives. 4
T0798 Provide targeting products and targeting support as designated. 1
T0799 Provide time sensitive targeting support. 1
T0802 Review appropriate information sources to determine validity and relevance of information gathered. 2
T0815 Sanitize and minimize information to protect sources and methods. 1
T0824 Support identification and documentation of collateral effects. 1
T0835 Work closely with planners, analysts, and collection managers to identify intelligence gaps and ensure intelligence requirements are accurate and up-to-date. 1